目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1325

100%
请我们喝杯咖啡

CWE-789 未经控制的内存分配 类漏洞列表 121

CWE-789 未经控制的内存分配 类弱点 121 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-789 属于内存分配漏洞,指程序基于不可信的大数值分配内存,却未验证其是否在预期范围内。攻击者通常利用此缺陷提交超大尺寸值,导致系统分配过量内存,进而引发拒绝服务或内存耗尽。开发者应避免此类风险,在分配内存前严格校验输入参数,确保其处于合理且安全的阈值范围内,从而防止资源被恶意滥用。

MITRE CWE 官方描述
CWE:CWE-789 使用过大值进行内存分配(Memory Allocation with Excessive Size Value) 英文:该产品基于不受信任的大尺寸值分配内存,但未确保该尺寸在预期限制范围内,从而导致可以分配任意数量的内存。
常见影响 (1)
AvailabilityDoS: Resource Consumption (Memory)
Not controlling memory allocation can result in a request for too much system memory, possibly leading to a crash of the application due to out-of-memory conditions, or the consumption of a large amount of memory on the system.
缓解措施 (2)
Implementation, Architecture and DesignPerform adequate input validation against any value that influences the amount of memory that is allocated. Define an appropriate strategy for handling requests that exceed the limit, and consider supporting a configuration option so that the administrator can extend the amount of memory to be used if necessary.
OperationRun your program using system-provided resource limits for memory. This might still cause the program to crash or exit, but the impact to the rest of the system will be minimized.
代码示例 (2)
Consider the following code, which accepts an untrusted size value and allocates a buffer to contain a string of the given size.
unsigned int size = GetUntrustedInt(); /* ignore integer overflow (CWE-190) for this example */ unsigned int totBytes = size * sizeof(char); char *string = (char *)malloc(totBytes); InitializeString(string);
Bad · C
Consider the following code, which accepts an untrusted size value and uses the size as an initial capacity for a HashMap.
unsigned int size = GetUntrustedInt(); HashMap list = new HashMap(size);
Bad · Java
CVE ID标题CVSS风险等级Published
CVE-2017-7651 Eclipse Mosquitto 安全漏洞 — Eclipse Mosquitto 7.5 -2018-04-24

CWE-789(未经控制的内存分配) 是常见的弱点类别,本平台收录该类弱点关联的 121 条 CVE 漏洞。